user avatar

Principal Cybersecurity Architect - Identity, IAM & Zero Trust

World Wide Technology

Posted today

Job Requirements

Remote
Top Secret/SCI Polygraph Unspecified
Career Level not specified
$150,400 - $188,000

Job Description

This is a full-time direct hire position. We are not able to offer visa sponsorship, 1099 status, or work with C2C for this role.

Why WWT?

At World Wide Technology, we work together to make a new world happen. Our important work benefits our clients and partners as much as it does our people and communities across the globe. WWT is dedicated to achieving its mission of creating a profitable growth company that is also a Great Place to Work for All. We achieve this through our world-class culture, generous benefits, and by delivering cutting-edge technology solutions for our clients.

Founded in 1990, WWT is a global technology solutions provider leading the AI and Digital Revolution. WWT combines the power of strategy, execution, and partnership to accelerate digital transformational outcomes for organizations around the globe. Through its Advanced Technology Center, a collaborative ecosystem of the world's most advanced hardware and software solutions, WWT helps clients and partners conceptualize, test, and validate innovative technology solutions for the best business outcomes and then deploys them at scale through its global warehousing, distribution, and integration capabilities.

With over 12,000 employees across WWT and Softchoice and more than 60 locations around the world, WWT's culture, built on a set of core values and established leadership philosophies, has been recognized 14 years in a row by Fortune and Great Place to Work® for its unique blend of determination, innovation, and creating a great place to work for all.

What is the Internal WWT IT Team, and why join?

The Internal WWT IT team is the backbone of our company's technological infrastructure, ensuring seamless operations and continuous innovation. Our team is dedicated to managing and supporting the company's technology infrastructure, ensuring the smooth operation of hardware, software, networks, and data systems, while providing top-notch technical support to employees.

By joining the Internal WWT IT team, you will play a crucial role in maintaining the efficiency and security of our IT environment, enabling the company to achieve its strategic goals. The Internal IT team offers the opportunity to work in a dynamic and collaborative environment, where your contributions will have a direct impact on the company's success. If you are passionate about technology and eager to take on new challenges, we encourage you to apply and join our team.

Role Summary

WWT Information Security is looking for a Principal Cybersecurity Architect to own the enterprise security architecture across identity, access management, and Zero Trust. This is a senior individual contributor role with significant influence over how people, machines, and workloads authenticate, authorize, and access resources across our environment.

Responsibilities
  • Partner with IT, infrastructure, and business stakeholders to integrate security into technology decisions
  • Mentor and guide security engineers on architecture standards and design decisions

Zero Trust Architecture
  • Design and mature a Zero Trust architecture (ZTNA, MFA, PAM) spanning identity, device trust, network access, and application security - grounded in NIST SP 800-207 and BeyondCorp principles.
  • Define reference architectures, security patterns, and guardrails consumed across engineering and infrastructure teams
  • Lead threat modeling and security architecture reviews for major platform changes and initiatives
  • Evaluate and select security tooling (SASE, SSE, ZTNA, NDR, EDR) aligned to the overall architecture strategy
  • Drive continuous improvement of Zero Trust posture through gap assessments and maturity modelling

Identity & Access Management (IAM)
  • Own the enterprise IAM architecture - covering workforce identity, B2B federation, machine identities, and cloud entitlements
  • Design and govern identity lifecycle management: provisioning, role assignment, access reviews, and deprovisioning - ensuring least privilege is enforced by default and not by exception
  • Architect federation and SSO standards across the enterprise: SAML 2.0, OIDC, OAuth 2.0 - including integrations with third-party SaaS, partner tenants, and customer-facing portals
  • Define authentication assurance levels by resource sensitivity, aligning MFA requirements to NIST AAL2/AAL3 - with a clear roadmap toward phishing-resistant MFA (FIDO2/WebAuthn) for privileged and high-risk access
  • Lead the PAM architecture - credential vaulting, just-in-time privilege, session recording, and endpoint privilege management - in partnership with the security operations team
  • Govern cloud entitlements across AWS, Azure, and GCP through a CIEM framework: identify over-permissioned roles, enforce least privilege for service principals and IAM roles, and manage cross-account trust relationships
  • Establish and maintain a non-human identity strategy: service accounts, API keys, application credentials, and pipeline secrets - eliminating hardcoded credentials and enforcing dynamic secrets via a secrets management platform
  • Drive identity governance processes: access certification campaigns, segregation of duties (SoD) controls, and role-based access control (RBAC) model design
  • Partner with HR, IT, and business application owners to ensure joiner/mover/leaver processes are automated and auditable

Governance & Stakeholder Engagement
  • Define security architecture standards, policies, and exception management processes
  • Mentor security engineers and serve as the escalation point for complex identity and access design decisions
  • Produce architecture artefacts - threat models, data flow diagrams, trust zone maps - suitable for both technical and executive audiences
  • Contribute to the security roadmap and annual planning, translating risk priorities into architectural investments


Qualifications
  • 8+ years in information security, with 4+ years in an architecture or senior engineering role
  • Deep expertise in Zero Trust frameworks (NIST SP 800-207, BeyondCorp) and identity-centric security
  • Strong understanding of threat modeling methodologies (STRIDE, PASTA, ATT&CK)
  • Hands-on experience with enterprise IAM platforms - Microsoft Entra ID, Okta, Ping Identity, or equivalent
  • Strong grasp of federation protocols: SAML 2.0, OIDC, OAuth 2.0, SCIM
  • Experience with PAM platforms (CyberArk, BeyondTrust, Delinea) and secrets management (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault)
  • Familiarity with CIEM tooling and cloud IAM governance across at least two major cloud platforms
  • Experience designing and governing identity lifecycle and IGA processes (SailPoint, Saviynt, or equivalent a plus)
  • Strong understanding of threat modelling methodologies (STRIDE, ATT&CK) and their application to identity attack surfaces
  • Excellent communication skills - able to translate complex architecture into clear guidance for engineers, business stakeholders, and executives
  • Provan experience using diplomacy skills
  • Certifications (preferred):CISSP, SABSA, TOGAF, Microsoft SC-100, Okta Certified Architect, or equivalent

Certain states and localities require employers to post a reasonable estimate of the salary range. A reasonable estimate of the current base pay range for this position is $150,400 to $188,000 annually. Actual salary will be based on a variety of factors, including shift, location, experience, skill set, performance, licensure and certification, and business needs. The range for this position in other geographic locations may differ. Certain positions may also be eligible for variable incentive compensation, such as bonuses or commissions, that are not included in the base pay.

The well-being of WWT employees is essential. So, when it comes to our benefits package, WWT has one of the best. We offer the following benefits to all full-time employees:
  • Health and Wellbeing: Health, Dental, and Vision Care, Onsite Health Centers, Employee Assistance Program, Wellness program
  • Financial Benefits: Competitive pay, Profit Sharing, 401k Plan with Company Matching, Life and Disability Insurance, Tuition Reimbursement
  • Paid Time Off: PTO and Sick Leave (starting at 20 days per year) & Holidays (10 per year), Parental Leave, Military Leave, Bereavement
  • Additional Perks: Nursing Mothers Benefits, Voluntary Legal, Pet Insurance, Employee Discount Program

We strive to create an environment where all employees are empowered to succeed based on their skills, performance, and dedication. Our goal is to cultivate a culture of belonging that encourages innovation, collaboration, and respect for all team members, ensuring that WWT remains a great place to work for All!

If you have any questions or concerns about this posting, please email taposting@wwt.com .

#LI-REMOTE

#LI-MP1
group id: 10106058

Similar Jobs


Job Category
IT - Security
Clearance Level
Top Secret/SCI